Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-3837
HistoryNov 05, 2010 - 12:00 a.m.

CVE-2010-3837

2010-11-0500:00:00
ubuntu.com
ubuntu.com
6

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.6%

JSON

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows
remote authenticated users to cause a denial of service (server crash) via
a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier,
probably triggering a use-after-free error when a copied object is modified
in a way that also affects the original object.

Bugs

Notes

Author Note
jdstrand mysql-cluster-7.0 not supported per server team
OSVersionArchitecturePackageVersionFilename
ubuntu10.10noarchmysql-5.1< 5.1.49-1ubuntu8.1UNKNOWN
ubuntu6.06noarchmysql-dfsg-5.0< 5.0.22-0ubuntu6.06.15UNKNOWN
ubuntu8.04noarchmysql-dfsg-5.0< 5.0.51a-3ubuntu5.8UNKNOWN
ubuntu9.10noarchmysql-dfsg-5.1< 5.1.37-1ubuntu5.5UNKNOWN
ubuntu10.04noarchmysql-dfsg-5.1< 5.1.41-3ubuntu12.7UNKNOWN

Related

cvelist 1
nvd 1
cve 1
veracode 1
prion 1
openvas 21
nessus 26
osv 1
debian 2
oraclelinux 2
centos 1
redhat 2
securityvulns 4
ubuntu 2
gentoo 1
cvelist
cvelist
CVE-2010-3837
2011-01-14 18:00:00
nvd
nvd
CVE-2010-3837
2011-01-14 19:02:43
cve
cve
CVE-2010-3837
2011-01-14 19:02:43
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:44
prion
prion
Design/Logic Flaw
2011-01-14 19:02:00
openvas
openvas
MySQL Multiple Denial of Service Vulnerabilities
2011-01-21 00:00:00
Mandriva Update for mysql MDVSA-2010:223 (mysql)
2010-11-16 00:00:00
Mandriva Update for mysql MDVSA-2010:223 (mysql)
2010-11-16 00:00:00
nessus
nessus
MySQL < 5.0.92 Multiple Denial of Service
2012-01-18 00:00:00
MySQL < 5.5.6 Multiple Denial of Service
2012-01-18 00:00:00
openSUSE Security Update : libmariadbclient16 (openSUSE-SU-2011:0743-1)
2014-06-13 00:00:00
osv
osv
mysql-dfsg-5.0 - several vulnerabilities
2011-01-14 00:00:00
debian
debian
[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2011-01-14 09:07:22
[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2011-01-14 09:07:22
oraclelinux
oraclelinux
mysql security update
2010-11-03 00:00:00
mysql security update
2011-02-10 00:00:00
centos
centos
mysql security update
2010-11-05 14:26:35
redhat
redhat
(RHSA-2010:0825) Moderate: mysql security update
2010-11-03 00:00:00
(RHSA-2011:0164) Moderate: mysql security update
2011-01-18 00:00:00
securityvulns
securityvulns
[USN-1017-1] MySQL vulnerabilities
2010-11-15 00:00:00
MySQL multiple security vulnerabilities
2010-11-15 00:00:00
About the security content of Mac OS X v10.6.8 and Security Update 2011-004
2011-07-04 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2010-11-11 00:00:00
MySQL vulnerabilities
2012-03-12 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2012-01-05 00:00:00

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.6%

JSON
Related for UB:CVE-2010-3837
cvelist1nvd1cve1veracode1prion1openvas21nessus26osv1debian2oraclelinux2centos1redhat2securityvulns4ubuntu2gentoo1